2018-09-21, 22:05
2018-09-21, 23:13
Try again with ftp://user:[email protected]:port/|AUTH=TLS&verifypeer=false, correct seperator for multiple url options is & not |.
2018-09-22, 11:27
Thank you for help. With new sources links its still not working.
There are three different test sources I used
Pastebin Log
EDIT: I checked my vsftpd again and changed all user:pass logins and checked connections by ftp clients.
It is only refusing with Kodi. The Logs are always the same.
Finally set logs to verbose in server
Sat Sep 22 16:40:29 2018 [pid 15456] [user] FTP response: Client "192.168.1.8", "530 Non-anonymous sessions must use encryption."
Then I changed source links to:
And here is vsftpd.log:
There are three different test sources I used
Pastebin Log
EDIT: I checked my vsftpd again and changed all user:pass logins and checked connections by ftp clients.
It is only refusing with Kodi. The Logs are always the same.
Quote:15:34:17.318 T:4640 ERROR: CCurlFile::FillBuffer - Failed: Login denied(67)In vsftpd log I only see this, No user no password error message:
15:34:17.318 T:4640 ERROR: CCurlFile::Open failed with code 530 for ftp://USERNAME:PASSWORD@HOSTNAME:port/:
15:34:19.936 T:4640 ERROR: CCurlFile::FillBuffer - Failed: Login denied(67)
15:34:19.936 T:4640 ERROR: CCurlFile::Open failed with code 530 for ftp://USERNAME:[email protected]:port/:
Quote:Sat Sep 22 15:34:23 2018 [pid 32758] CONNECT: Client "192.168.1.8"All other clients are connecting well.
Finally set logs to verbose in server
Sat Sep 22 16:40:29 2018 [pid 15456] [user] FTP response: Client "192.168.1.8", "530 Non-anonymous sessions must use encryption."
Then I changed source links to:
Quote:ftps://user:[email protected]:port/|verifypeer=falseAnd kodi.log showing this:
Quote:16:59:40.876 T:6908 DEBUG: CGUIMediaWindow::GetDirectory (ftps://USERNAME:[email protected]:port/|verifypeer=false)
16:59:40.876 T:6908 DEBUG: ParentPath = [ftps://USERNAME:[email protected]:port/|verifypeer=false]
16:59:40.877 T:6908 DEBUG: CurlFile::Open(0x86558f4b90) ftps://USERNAME:[email protected]:port/
16:59:40.886 T:6908 ERROR: CCurlFile::FillBuffer - Failed: SSL connect error(35)
16:59:40.886 T:6908 ERROR: CCurlFile::Open failed with code 0 for ftps://USERNAME:[email protected]:port/:
16:59:40.886 T:6908 ERROR: XFILE::CDirectory::GetDirectory - Error getting ftps://USERNAME:[email protected]:port/|verifypeer=false
16:59:40.891 T:6908 ERROR: CGUIMediaWindow::GetDirectory(ftps://USERNAME:[email protected]:port/|verifypeer=false) failed
16:59:40.891 T:6908 DEBUG: CGUIMediaWindow::GetDirectory ()
16:59:40.891 T:6908 DEBUG: ParentPath = [ftps://USERNAME:[email protected]:port/|verifypeer=false]
And here is vsftpd.log:
xml:Sat Sep 22 16:59:44 2018 [pid 18969] CONNECT: Client "192.168.1.8"
Sat Sep 22 16:59:44 2018 [pid 18969] FTP response: Client "192.168.1.8", "220 Hello"
Sat Sep 22 16:59:44 2018 [pid 18969] FTP command: Client "192.168.1.8", "?U?,??@>=?H7??VK7??J?.......
Sat Sep 22 16:59:44 2018 [pid 18969] FTP response: Client "192.168.1.8", "530 Please login with USER and PASS."
Sat Sep 22 16:59:44 2018 [pid 18969] FTP command: Client "192.168.1.8", "?K?J?I?H?9..........
Sat Sep 22 16:59:44 2018 [pid 18969] FTP response: Client "192.168.1.8", "530 Please login with USER and PASS."
Sat Sep 22 16:59:44 2018 [pid 18969] FTP command: Client "192.168.1.8", ".....HOSTNAME"
Sat Sep 22 16:59:44 2018 [pid 18969] FTP response: Client "192.168.1.8", "530 Please login with USER and PASS."
Sat Sep 22 16:59:44 2018 [pid 18969] FTP command: Client "192.168.1.8", ...
Sat Sep 22 16:59:44 2018 [pid 18969] FTP response: Client "192.168.1.8", "530 Please login with USER and PASS."
2018-09-22, 20:50
@ködi-zömbie
A few things...
Please pay a bit more attention when your are plastering log files/snippets into the forum. Some of those logs are triggering our forum emoji's, which can make the logs pretty much illegible and useless.
Also, you already gave the link for the full kodi.log file at the start of your post. Then this happens:
Just refer to the linked log file. Pasting parts of the kodi.log again in your post is not very efficient.
A few things...
Please pay a bit more attention when your are plastering log files/snippets into the forum. Some of those logs are triggering our forum emoji's, which can make the logs pretty much illegible and useless.
Also, you already gave the link for the full kodi.log file at the start of your post. Then this happens:
And kodi.log showing this:
... *sigh*.Just refer to the linked log file. Pasting parts of the kodi.log again in your post is not very efficient.
2018-09-23, 17:26
Enable libcURL component logging and repost your log. There is also no need to try anything except '|auth=TLS&verifypeer=false' (also not the lowercase auth) as that is the only correct way of setting both values.
2018-09-25, 18:09
(2018-09-23, 17:26)Rechi Wrote: [ -> ]Enable libcURL component logging and repost your log. There is also no need to try anything except '|auth=TLS&verifypeer=false' (also not the lowercase auth) as that is the only correct way of setting both values.Thanks, now I found the error:
Quote:DEBUG: Curl:ebug - TEXT: SSL: certificate subject name 'host' does not match target host name 'xxxxx'
DEBUG: Curl:ebug - TEXT: SSL: certificate subject name 'host' does not match target host name '192.168.1.254'
VSFTPD cert, CN=Name need to match the hostname in the sources.xml. Even in a private LAN with IPs its not possible.
That's not funny guys !!!
2018-09-25, 18:25
if you use SSL, do it right. You can always import the cert in your trust store
2018-09-27, 09:40
@wsnipex it is not about the validity of the cert, checking that is already disabled by verifypeer=false, so putting it in the trust store won't help. I agree though that it would be saner to do that in any case :-)
@ködi-zömbie In a private LAN when you use self-signed certs it should not be a problem to have a cert CN that matches the host name or IP, whatever you use in Kodi. You should set it up correctly.
@ködi-zömbie In a private LAN when you use self-signed certs it should not be a problem to have a cert CN that matches the host name or IP, whatever you use in Kodi. You should set it up correctly.
2018-09-27, 09:44
@yol putting it in the trust store usually disables subject name validation as well.
2018-09-27, 10:09
I have my cert in \system\certs\cacert.pem all the time. It does not connect if Hostname not match CommonName
@yol I know that I can give a Hostname to any private address . Thank you
@yol I know that I can give a Hostname to any private address . Thank you
2018-09-27, 10:35
(2018-09-27, 10:09)ködi-zömbie Wrote: [ -> ]I have my cert in \system\certs\cacert.pem all the time.
Great, then you should remove verifypeer=false
So this is solved then?
2018-09-29, 08:35
2019-08-01, 16:48
(2018-05-15, 11:26)wsnipex Wrote: [ -> ]you have to add your server cert to kodi's cert store: [install_dir]\system\certs\cacert.pem
Alternatively, you can provide your own Cert file, by setting the env var SSL_CERT_FILE
Is there a way to do this for a non rooted android device? its easy enough to edit the /data/data/etc...etc/cacert.pem in rooted devices but is there a way round this in a non rooted device?
2020-08-27, 21:12
Sorry for lifting this up but for some strange reasons i cant get access to my filezilla server using my multipurpose letsencrypt certs for the last 2 90 day renews if i dont use that verifypeer=false hack